IoT and Privacy

This topic contains 2 replies, has 3 voices, and was last updated by Profile photo of Victor Ake Victor Ake 2 years, 1 month ago.

  • Author
  • #2454
    Profile photo of David G. Simmons David G. Simmons 

    An interesting article by my friend Dom …

    What do you ForgeRockers think?

    Profile photo of Jamie Bowen Jamie Bowen 

    Speaking as a member of the community and not as a ‘ForgeRocker’ this is my personal opinion.

    I think the article your friend has written raises some of the age old concerns that have been with us since the internet was created. I also firmly belive that the internet is all about sharing. Now in some instances there is very good reason to be specific regarding who you share with, i.e. to limit sharing, and that is where I think ForgeRock has a compelling and realistic vision.

    The article focuses very much on Consumer IoT where sharing and data collection can be easily made to look sinister or scary in a ‘1984’ kind of a way, but ultimately it is what companies do with the collected data that makes it a force for liberation or a privacy concern. However, if we frame the argument in terms of the industrial IoT then it becomes far less emotive. One can see that understanding the underlying patterns in data generated by a city or an industrial plant can be used to drive efficiency and innovation or to set targets. We can also see that protection and control over who can gain access to control points and generated data is absolutely key.

    Profile photo of Victor Ake Victor Ake 

    Regarding privacy, there is already the User Managed Access (UMA) initiative. UMA can address several of the privacy and access concerns described in the article referred. There are also some things that will need to change from the legal perspective, because at this moment the manufacturer of a “connected product” takes for granted that the data collected belongs to them, when it should belong to the user of the product. The manufacturer collecting data in the cloud could be the custodian of the data but not the owner, or not the owner of all the data. The user should have the right to decide what data he/she wants to share, and with whom. That’s precisely one of the problems that UMA addresses.

    The click “I agree” (and implicitly grant access to all my data) or “Go away” Terms and Conditions will need to evolve, but as I mentioned above the legal framework needs to change, and that might take time.

    Take a look to the OpenUMA project in the ForgeRock community.


Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2017 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your username and password

Lost your password?

Forgot your details?